IETF Logo Mail Archive

Re: 6man w.g. last call for <draft-ietf-6man-default-iids-11.txt>

Mark Smith <markzzzsmith@gmail.com> Thu, 19 May 2016 08:38 UTC

Return-Path: <markzzzsmith@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4834B12D0CA for <ipv6@ietfa.amsl.com>; Thu, 19 May 2016 01:38:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.197
X-Spam-Level:
X-Spam-Status: No, score=-2.197 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OjVeAp8KmrYO for <ipv6@ietfa.amsl.com>; Thu, 19 May 2016 01:38:23 -0700 (PDT)
Received: from mail-vk0-x230.google.com (mail-vk0-x230.google.com [IPv6:2607:f8b0:400c:c05::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2C3DE12B03F for <ipv6@ietf.org>; Thu, 19 May 2016 01:38:23 -0700 (PDT)
Received: by mail-vk0-x230.google.com with SMTP id y2so23153501vka.3 for <ipv6@ietf.org>; Thu, 19 May 2016 01:38:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc; bh=XYw/4AmoOaVGVzBTp/io1rozTE6xflD+LEah9rif1vE=; b=lUiQZiL231VxHe3ZFkw+AgJj97cKjRVbSQZs4LAnKnp9l5Aw8fCSgnTDNjyuU5IWmg /doPAgLyQNUq9h1m3PnblEV7K+/fs/8e+386pwWbJfHhxsqOriQZ/qZRvjpFyYVG4MW3 4AP1z5ExLkRBAOqId/w9ueAPL2rKiwVdH4wISJvUDoEFhgBO5YLxj86rufP0mZrh/++I hkuUPr6tPfd2P2mvp6C8/1ta1BPjDPDncFGpcU0mynbcoYUf6AVU1seyPmXW4oKYDxOk GHKU5ZDiYLOb0urd8Y5HuDxSATzZUYVxzB7+/PXXLeoQYh/KpzRvCSSfJCsWL3e2gYMe 5FPg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc; bh=XYw/4AmoOaVGVzBTp/io1rozTE6xflD+LEah9rif1vE=; b=OFXrSuq1GnbY/Ui+cuqJxjat9mu8TKc8tPDxN5aRddavN+z//eTu7ltf/TMK48xk4O 9t7CGfP6JEuzOWnwna262JdaTn+UVVLbTBqW3iPViSDnJOMw/Ueai1UqW9x7xilXG83u G/1gEqxefVt+Nq9Gj5uuJi/7iMLsRBMaRYe5gwK14PXnuyZdj4qEwkB0lp3oYWJWwFX0 lRAqWHgHa2n5YXlLIL8uavQ07UMI9eUyuzRDk/z1y2RLB2uMk99YyFWInNBahwf1yl4o HUSoF0hnZ8bJ2Z5rh3ua3vxPzdgvd/TEliCMLCBtqZnNTUtQddiEWtainPJcG9dZuXIL r8hQ==
X-Gm-Message-State: AOPr4FVeAkWxu4BhC0COTWA2mOLaGQDpcKc6Dconyl2F4zk2RyrwdwikaGIp5EjpAGhSeQbsToclIi99VyRxLw==
MIME-Version: 1.0
X-Received: by 10.159.34.9 with SMTP id 9mr3508090uad.25.1463647102204; Thu, 19 May 2016 01:38:22 -0700 (PDT)
Received: by 10.176.3.168 with HTTP; Thu, 19 May 2016 01:38:21 -0700 (PDT)
Received: by 10.176.3.168 with HTTP; Thu, 19 May 2016 01:38:21 -0700 (PDT)
In-Reply-To: <CAKD1Yr23S4yHM=31VXTJq7t11P3__GEbbRhM0c085gBjQEGi-Q@mail.gmail.com>
References: <20160428004904.25189.43047.idtracker@ietfa.amsl.com> <89CA2C18-AE61-4D40-8997-221201835944@gmail.com> <CAJE_bqdZ_D7jsDdWQ2FJpLH9cXveYfcye0W2J_mSi-7bYBrOKA@mail.gmail.com> <B849F263-9F99-48E8-B903-8FE7D2CDF277@cooperw.in> <CAJE_bqd1AWOuwvQcGzHg+dAWoump29g14HEA1BoVErXDXSMxaw@mail.gmail.com> <573BCFD0.8090801@si6networks.com> <CAJE_bqfKUbO7C6LnxOOUCVBU9e679_=159Yu6Ti0zhOGDuw98Q@mail.gmail.com> <A1111BEA-C14C-4574-9214-3D9B5500FEA1@cooperw.in> <CAKD1Yr23S4yHM=31VXTJq7t11P3__GEbbRhM0c085gBjQEGi-Q@mail.gmail.com>
Date: Thu, 19 May 2016 18:38:21 +1000
Message-ID: <CAO42Z2xNOyYfqjM9s6YgjWrCAscp6bH0cG-cyLraDJAof8GGMg@mail.gmail.com>
Subject: Re: 6man w.g. last call for <draft-ietf-6man-default-iids-11.txt>
From: Mark Smith <markzzzsmith@gmail.com>
To: Lorenzo Colitti <lorenzo@google.com>
Content-Type: multipart/alternative; boundary="001a113dfd349a84f005332de5b9"
Archived-At: <http://mailarchive.ietf.org/arch/msg/ipv6/tgDuF8kbvwPedOeYJm1TGmev-Yg>
Cc: Fernando Gont <fgont@si6networks.com>, 神明達哉 <jinmei@wide.ad.jp>, Bob Hinden <bob.hinden@gmail.com>, IPv6 List <ipv6@ietf.org>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 May 2016 08:38:25 -0000

On 19 May 2016 4:11 PM, "Lorenzo Colitti" <lorenzo@google.com> wrote:
>
> On Thu, May 19, 2016 at 2:19 PM, Alissa Cooper <alissa@cooperw.in> wrote:
>>
>> The draft makes just about a clear a statement in this vein as is
possible:
>>
>> "By default, nodes SHOULD NOT employ IPv6 address generation schemes
>>    that embed the underlying link-layer address in the IID.”
>>
>> Note that this statement does not prohibit anything, nor does it make a
normative (in the moral sense) judgment. It just states the recommendation,
which is the point of the document.
>>
>> I appreciate that not everyone on the list agrees with this
recommendation. But I find the claim that this recommendation is unclear to
be difficult to understand. That is, I can’t think of a way to convey the
same recommendation that would be clearer. If you can, please suggest text.
>
>
> Alissa,
>
> I don't think anybody is claiming that the recommendation itself is
difficult to understand. What is difficult to understand is how the
document justifies that claim.
>
> It looks like the main argument used to justify this recommendation is
major privacy risks. But embedding a link layer identifier into an IP
address is not a major [1] privacy risk. It is only embedding a *STABLE*
link-layer address that is a major privacy risk.
>
> Recommending that link-layer address be embedded only if they are
ephemeral would address the privacy concerns just as well as (or maybe even
better) than the approach proposed in this document.
>

So how would the IPv6 layer test that, and if it was tested properly, what
happens if the test fails?

I think the testing of layer 2 address randomisation, and coming up with a
both a user acceptable and friendly scheme to deal with a test failure is
harder and more complex that just universally applying RFC7217 to all past,
current and future link layers, regardless of how good or bad their link
layer addresses are.

It fits the principle of having a single and general solution for all cases
rather than having tests, dealing with exceptions and individual
case-by-case solutions.

IPv6 has followed a theme of trying to generalise functions from layer 2
into layer 3 (e.g.,  ND over ICMPv6 rather than link specific versions of
ND, DHCPv6 over IPv6 over PPP rather than DNS etc. in IPV6CP etc.).

This IPv6 address privacy problem exists at the IPv6 layer. Solve it at the
IPv6 layer and it has only needed to be solved once, rather than
repeatedly, and has been solved universally.

> I think what people are do not understand is why this document recommends
one but not the other. I certainly don't.

RFC1958 explains it:

"The Internet level protocol must be independent of the hardware medium and
hardware addressing."

RFC7217 is fixing a mistake as well as increasing privacy.

Regards,
Mark.

> Cheers,
> Lorenzo
>
> [1] I argue that cross-referencing IPX traffic to IP traffic is not a
major privacy risk because IPX is so uncommon.
>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>

v2.23.0 | Report a Bug | By Email